Description of problem: Compile nginx with Kerberos (spnego) support Additional info: There is nginx [1] module (actually, not just one [2][3]) that supports spnego. This would be really handy when running nginx in corporate domain. I'll try to build it myself (scratchbuild in koji) and if successful I'll post patch here. [1] https://github.com/stnoonan/spnego-http-auth-nginx-module [2] https://github.com/muhgatus/spnego-http-auth-nginx-module [3] https://github.com/ifad/spnego-http-auth-nginx-module
Created attachment 748141 [details] added upport for spnego (kerberos) So I added patch (it is patched specfile, el6 branch -- fedora is pretty similar) and with this binary I was able to use kerberos with nginx. I think it would be pretty awesome, if nginx were build with the spnego module. I used this one [1]. [1] https://github.com/stnoonan/spnego-http-auth-nginx-module
Thanks for your comments. We've had a few requests for third-party modules. I'll try looking into doing things similar to Debian (with nginx-full, nginx-light, nginx-extras packages). I'll keep you posted.
One of the main issues with supporting third-party modules is that sometimes they can hold back upgrading to the latest version of nginx. We pretty much always want to be tracking the latest version of nginx, and I'm not sure I like the idea of picking up extra modules, only to have to drop them intermittently and add them back some time in the hand-wavy future once their development has caught up with upstream.
Okay, that's reasonable. It would be really inconvenient to hold update back due to some module. Feel free to close this (patch is here if someone would need it).
Closing for now, but I do plan to explore the possibility of including third-party modules (possibly in a similar fashion to how Debian do things).